Cybersecurity Risk Manager
Job in
Oak Brook, DuPage County, Illinois, 60523, USA
Listed on 2026-06-03
Listing for:
Scigon
Full Time
position Listed on 2026-06-03
Job specializations:
-
IT/Tech
Cybersecurity, Information Security, Data Security, IT Business Analyst
Job Description & How to Apply Below
Cybersecurity Risk Manager
Overview
We are looking for a Cybersecurity Risk Manager to lead and strengthen our enterprise risk program. This role focuses on identifying, assessing, and managing cyber risks across internal systems, business processes, and third-party ecosystems. The ideal candidate is hands-on, structured, and comfortable working with both technical teams and business stakeholders.
Key Responsibilities
Risk Assessments
Conduct end-to-end cybersecurity risk assessments across applications, infrastructure, and business processes
Identify vulnerabilities, threats, and control gaps, and translate findings into actionable remediation plans
Work with engineering and business teams to validate risks and track mitigation progress
Threat Modeling
Lead threat modeling exercises for new and existing systems
Identify attack vectors, trust boundaries, and potential impact scenarios
Partner with engineering teams to embed secure design practices early in the development lifecycle
Third-Party Cyber Risk
Assess and monitor cybersecurity risks associated with vendors and external partners
Review security questionnaires, audit reports, and contractual security requirements
Collaborate with procurement and legal teams to ensure risk is properly managed and documented
GRC and Risk Governance
Support and maintain governance, risk, and compliance processes aligned with regulatory and internal requirements
Ensure policies, standards, and control frameworks are effectively implemented and followed
Contribute to audits, regulatory reviews, and control testing activities
Risk Register Management
Maintain and continuously update the enterprise cybersecurity risk register
Ensure risks are clearly documented, categorized, and prioritized based on impact and likelihood
Track remediation actions and ensure accountability across stakeholders
Reporting and Communication
Develop clear, concise risk reports for technical teams and senior leadership
Translate complex technical risks into business language and impact
Provide regular updates on risk posture, trends, and remediation status
Required Qualifications
Solid experience in cybersecurity risk management, GRC, or related functions
Hands-on experience conducting risk assessments and threat modeling
Experience managing third-party or vendor cyber risk programs
Strong understanding of security frameworks such as NIST, ISO 27001, or similar
Ability to maintain structured risk registers and track remediation efforts
Strong communication skills with the ability to engage both technical and non-technical stakeholders
Preferred Qualifications
Strong risk qualification and prioritization skills, with the ability to distinguish real risk from noise
Experience in regulated environments such as finance, healthcare, or large enterprises
Familiarity with audit processes and control validation
Experience working with cross-functional teams across legal, compliance, and technology
Certifications such as CISSP, CISM, CRISC, or similar
To View & Apply for jobs on this site that accept applications from your location or country, tap the button below to make a Search.
(If this job is in fact in your jurisdiction, then you may be using a Proxy or VPN to access this site, and to progress further, you should change your connectivity to another mobile device or PC).
(If this job is in fact in your jurisdiction, then you may be using a Proxy or VPN to access this site, and to progress further, you should change your connectivity to another mobile device or PC).
Search for further Jobs Here:
×